Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

yaml_load should not be B5xx cryptography group #306

Open
ericwb opened this issue May 14, 2018 · 1 comment
Open

yaml_load should not be B5xx cryptography group #306

ericwb opened this issue May 14, 2018 · 1 comment
Labels
bug good first issue
Milestone
Near Future

Comments

@ericwb
Copy link
Member

@ericwb ericwb commented May 14, 2018

Describe the bug
The yaml_load plugin has bandit ID B506. The 5xx group according to [1] is defined as the group for cryptography. This plugin would be more appropriate as a type of injection B6xx

To Reproduce
n/a

Expected behavior
n/a

Bandit version

bandit 1.4.0

Additional context
Add any other context about the problem here.
@ehooo
Copy link
Contributor

@ehooo ehooo commented May 17, 2018

I created the issue #293 for add on README the explanation for each code,
I think this could improve the new codes for contributors.

@ericwb ericwb added the bug label May 24, 2018
@nwalsh1995 nwalsh1995 mentioned this issue Jun 21, 2018
Closed
@ericwb ericwb added this to the Release 1.6.1 milestone May 9, 2019
@ericwb ericwb removed this from the Release 1.6.1 milestone May 9, 2019
@ericwb ericwb added this to the Near Future milestone May 9, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug good first issue
Projects
None yet
Milestone
Near Future
Linked pull requests

Successfully merging a pull request may close this issue.

None yet
3 participants
@ehooo @ericwb @lukehinds